The UK's Get Safe Online campaign has failed to teach Brits how to secure their computers - so says the ex top cop who established the information security awareness effort in 2004.
John Lyons, former crime reduction coordinator at the National Hi-Tech Crime Unit, said the Get Safe Online project had done "little to change attitudes".
"If you lose money from your bank account the banks give it back to you. Nobody cares. Until it hurts you won't get a change in behaviour," Lyons said. He added that "upcoming security threats" are starting to put people in danger.
Lyons, now chief executive of the International Cyber Security Protection Alliance (ICSPA), was speaking at an event in London ahead of the publication of a white paper on emerging online threats, titled Scenarios for the future of cybercrime. The white paper is the first of its kind to emerge from the ICSPA's Project 2020, which was put together with the EU's European Cyber Crime Centre (EC3).
The study warns that attacks on computer networks could soon threaten critical infrastructure and that wearable technologies (from today's gadgets to the future's Google Glass-like contact lenses) will be - like anything electronic - hacked. Techniques developed to beat biology-based authentication systems, such as fingerprint recognition, will also be a major headache.
Trend Micro will accompany the publication with a series of 10 three- to five-minute web videos to get people thinking about ways in which their systems could be compromised.
The production values for the videos, starring professionals actors, are very high and the overall feel from the preview was reminiscent of spy and torture serial 24, although we're assured that the overall feel is more like a police procedural. The series attempts to reach a non-tech-savvy audience beyond the community of security experts and cops to promote security skills. The most obvious target audience is young adults, though backers of the scheme want to reach young kids.
Lyons added that the aim of the "accessible video" was to educate politicians and citizens, particularly youngsters who were still in primary and secondary education. He compared the campaign to public awareness campaigns designed to encourage people to quit smoking.
Troels Oerting, head of EC3, said he intended to talk to Euro officials about pushing the campaign through schools.
Rik Ferguson, global veep of security research at Trend Micro, added "people tend to adopt technologies and think about security issues later, if at all. Facebook is a prime example. We are aiming to change behaviours".
He explained that the theme of the web video series was protecting one's data, specifically showing people asserting control over their personal information, and what the internet of things will mean for sharing of our private details. He denied the hacking risks depicted in the web video will spread FUD by talking up security threats to technologies that are still at the very early stages of development (see the above reference to contact lenses - that's their idea, not ours).
"We're raising awareness about tech possibilities and associated risk," he said.
Tony Neate, chief exec of Get Safe Online, expressed disappointment about Lyon's negative reaction to its work.
“Get Safe Online, being a public private not-for-profit organisation, works very hard with the UK government and our private sector partners to try and educate the UK public and small businesses about how to be safe when they’re online. We are disappointed with John’s comment, as ultimately we are all here to strive towards the same thing – a safer internet for all.” ®